The US Treasury Department has reported that it fell victim to a cyberattack carried out by hackers considered to be sponsored by the Chinese government. In a letter sent to US lawmakers, which was shared via TechCrunch, the Treasury revealed that these hackers gained remote access to employee workstations and unclassified documents.
Security Breach Details
The point of entry for the hackers was a third-party software provider named BeyondTrust. This company disclosed that the hackers accessed a security key stored in their database. With this key, the attackers were able to remotely access user workstations that held unclassified documents. Currently, the service is offline.
Ongoing Investigation
The Treasury is collaborating with CISA, the FBI, and other intelligence agencies to assess the extent of the cyberattack. In their statement, the Treasury indicated that, "based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor."
China's Response
Bloomberg reported that a spokesperson from the Chinese Foreign Ministry described these allegations as "unwarranted and groundless." During a press conference in Beijing, spokeswoman Mao Ning stated that China opposes "all forms of hacking, and especially, we oppose the spread of disinformation related to China that is driven by a political agenda."
TechCrunch | Bloomberg
Source: Link
